<?php
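class member extends spController
{
	/**
	 * Handles the return leg of the platform login: reads the visitor's id
	 * and nickname from the base64-encoded `top_parameters` query value,
	 * records the visit, sets the session and cookies, then redirects to the
	 * requested page.
	 *
	 * Everything read from $_GET here is attacker-controllable, so the values
	 * are validated before they reach SQL, the session or the redirect.
	 *
	 * NOTE(review): nothing in this method verifies that top_parameters /
	 * top_session were issued by the platform (no signature or state check is
	 * visible). If that check does not happen elsewhere, any client can
	 * present an arbitrary visitor_id; confirm, and verify the callback
	 * against the application secret before trusting these values.
	 *
	 * @return bool always false (reached only if jump() returns)
	 */
	function login()
	{
		// Decode into a local array. parse_str() without a result array
		// creates or overwrites variables in this scope from request data.
		$params = array();
		if (isset($_GET['top_parameters']) && is_string($_GET['top_parameters'])) {
			$top_parameters = base64_decode($_GET['top_parameters']);
			if ($top_parameters !== false && $top_parameters !== '') {
				parse_str($top_parameters, $params);
			}
		}

		// visitor_id is interpolated into SQL below, so accept digits only.
		// assumes platform visitor ids are purely numeric — TODO confirm
		$visitor_id = '';
		if (isset($params['visitor_id']) && is_string($params['visitor_id'])
			&& preg_match('/^[0-9]+$/D', $params['visitor_id'])
			&& $params['visitor_id'] !== '0') {
			$visitor_id = $params['visitor_id'];
		}

		// The nickname arrives GBK-encoded; iconv() returns false on invalid input.
		$visitor_nick = '';
		if (isset($params['visitor_nick']) && is_string($params['visitor_nick'])) {
			$converted = iconv('gbk', 'utf-8', $params['visitor_nick']);
			if ($converted !== false) {
				$visitor_nick = $converted;
			}
		}

		$m_member = spClass("m_member");

		// Guard against abusive logins: accounts with more than 50 logins and
		// no click records are treated as "ads" users and refused.
		$Denied_user = spAccess('r',  'Denied_user');
		if (!is_array($Denied_user)) {
			// is_array() rather than a truthiness test, so that a cached
			// empty list counts as a hit instead of re-running the query
			// on every login.
			$Denied_user = array();
			$Denied_user_arr = $m_member->findSql("SELECT `visitor_id` FROM `member` WHERE `logintimes`>50 AND `visitor_id` NOT IN (SELECT `visitor_id` FROM `click`)");
			if (is_array($Denied_user_arr)) {
				foreach ($Denied_user_arr as $v) {
					$Denied_user[$v['visitor_id']] = $v['visitor_id'];
				}
			}
			spAccess('w',  'Denied_user', $Denied_user, 25200);
		}
		// Refuse before the session is populated, so a denied visitor does
		// not leave with an authenticated-looking session.
		if ($visitor_id !== '' && isset($Denied_user[$visitor_id])) exit('Access Denied');

		// Issue a fresh session id when an identity is attached to the session.
		if ($visitor_id !== '' && session_id() !== '' && !headers_sent()) {
			session_regenerate_id(true);
		}
		$_SESSION['visitor_id'] = $visitor_id !== '' ? $visitor_id : 0;
		$_SESSION['visitor_nick'] = $visitor_nick;
		$_SESSION['top_session'] = (isset($_GET['top_session']) && is_string($_GET['top_session'])) ? $_GET['top_session'] : null;

		if ($visitor_id !== '' && !empty($visitor_nick)) {
			if ($m_member->find(array('visitor_id'=>$visitor_id))) {
				// $visitor_id is digits-only at this point (validated above).
				// History: the WHERE clause was once missing here (2012-2-1).
				$sql = "UPDATE member SET logintimes=logintimes+1 WHERE visitor_id='" . $visitor_id . "'";
				$m_member->runSql($sql);
			} else {
				$arr_login = array('visitor_id'=>$visitor_id, 'visitor_nick'=>$visitor_nick, 'logintimes'=>1);
				$m_member->create($arr_login);
			}
			$m_visit = spClass("m_visit");
			$m_visit->create(array('visitor_id'=>$visitor_id, 'visitor_nick'=>$visitor_nick, 'logintime'=>date('Y-m-d H:i:s')));
			// NOTE(review): these cookies are plain, unsigned values that the
			// client can edit; confirm no other code treats them as proof of
			// identity, and consider HttpOnly/Secure if scripts do not read them.
			setcookie('taobao_visitor_id', $visitor_id, time() + 604800);
			setcookie('taobao_visitor_nickname', $visitor_nick, time() + 604800);
		}

		setcookie('taobao_logintime', time(), time() + 604800);

		// Redirect target: accept only a same-site relative URL. Anything with
		// a scheme, a protocol-relative prefix, a backslash, whitespace/control
		// characters or HTML metacharacters falls back to the default page.
		// (jump() is not visible here; the last group covers the case where
		// it writes the URL into markup or a header.)
		$goto = (!empty($_GET['goto']) && is_string($_GET['goto'])) ? $_GET['goto'] : 'index.php';
		if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $goto)
			|| strpos($goto, '//') === 0
			|| preg_match('/[\x00-\x20\x7f"\'<>\\\\]/', $goto)) {
			$goto = 'index.php';
		}

		// Pass-through parameters are URL-encoded so they cannot add extra
		// parameters or break out of the query string.
		$query = array();
		if (!empty($_GET['from']) && is_string($_GET['from'])) {
			$query[] = 'from=' . rawurlencode($_GET['from']);
		}
		if (!empty($_GET['acid']) && is_string($_GET['acid'])) {
			$query[] = 'acid=' . rawurlencode($_GET['acid']);
		}
		if (!empty($_GET['mother'])) {
			$query[] = 'mother=1';
		}

		$url = $goto;
		if ($query) {
			$url .= (strpos($goto, '?') === false ? '?' : '&') . implode('&', $query);
		}
		$this->jump($url);
		return false;
	}

	// Disabled batch job, kept for reference.
	// NOTE(review): it interpolates $_GET['startnum'] and remote profile
	// fields straight into SQL; validate and escape them before re-enabling.
/*
	function updatememberinfo() {
		$this->startnum = $startnum = $_GET['startnum'] ? $_GET['startnum'] : 0;
		$sql = "SELECT visitor_id, visitor_nick FROM member ORDER BY visitor_id ASC LIMIT $startnum, 20";
	
		$m_member = spClass("m_member");
		$result = $m_member->findSql($sql);
		foreach($result as $k=>$v) {
			$m_taobao = spClass('m_taobao');
			$req = new UserGetRequest;
			$req->setFields("user_id,uid,nick,sex,buyer_credit,seller_credit,location,created,last_visit,birthday,type,status,alipay_no,alipay_account,alipay_account,email,consumer_protection,alipay_bind");
			$req->setNick($v['visitor_nick']);
			$resp = $m_taobao->m_topsdk->execute($req);
			//$resp = get_object_vars($resp);
			$update_result['birthday'] = $resp->user->birthday;
			$update_result['sex'] = trim($resp->user->sex);
			$update_result['visitor_id'] = $v['visitor_id'];
			$update_result['visitor_nick'] = $v['visitor_nick'];
			$insert_sql = "INSERT INTO member_info (`visitor_id`, `visitor_nick`, `sex`, `birthday`) VALUES ($update_result[visitor_id], '$update_result[visitor_nick]','$update_result[sex]', '$update_result[birthday]')";
			$m_member->runSql($insert_sql);
			//$updatesql = "UPDATE member_info SET sex=$resp WHERE visitor_id='$visitor_id'";
			//$m_member->update('');
		}
		$this->startnum = $this->startnum + 20;
		$this->display("update_type.html");
	}
*/
}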
?>